Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YfL1rEBuI12bOANGVakVYclhhDg.roa
File: YfL1rEBuI12bOANGVakVYclhhDg.roa (raw, json)
Hash identifier: Kwix76KCh4RAvsR/fb1ElG/yaA7QAloeCkbII6/V6Zc=
Subject key identifier: 61:F2:F5:AC:40:6E:23:5D:9B:38:03:46:55:A9:15:61:C9:61:84:38
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192CC9D5B04926A6721C718EEB6A2280E8E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YfL1rEBuI12bOANGVakVYclhhDg.roa
Signing time: Sun 27 Oct 2024 06:15:17 +0000
ROA not before: Sun 27 Oct 2024 06:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 05:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cc:9d:5b:04:92:6a:67:21:c7:18:ee:b6:a2:28:0e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 27 06:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f2f5ac406e235d9b38034655a91561c9618438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:e6:84:eb:7d:cd:26:3e:d5:35:ba:5e:88:
9f:a8:b5:f0:14:39:dc:18:99:43:98:e6:06:04:38:
28:13:8b:24:02:ba:42:9d:06:14:df:82:17:17:87:
f0:e6:a3:03:11:13:6c:1f:02:ef:e7:cf:15:61:58:
d7:8d:e3:ca:a7:75:98:b0:19:fd:63:0f:4c:e2:f4:
fd:87:93:6d:60:87:45:8d:91:80:87:cc:e6:8c:7c:
8d:2b:78:a0:67:ac:46:eb:14:bf:fd:a4:0e:cd:94:
0d:90:79:ac:6f:d6:d2:ea:f3:9b:c7:9e:ce:8d:11:
e7:2b:35:59:86:e1:0e:61:28:a2:96:f4:1c:96:a8:
bd:75:e5:9c:91:8b:49:4d:dd:b4:9a:c3:c5:9d:ab:
6a:8d:43:b5:ac:b0:11:64:34:d8:db:c7:1f:13:e4:
c2:b0:c8:34:97:28:8f:30:e4:1f:36:07:91:43:a5:
e9:71:3a:93:29:7c:23:1e:ed:53:08:e5:4e:68:14:
43:81:4d:56:c8:3b:c7:e5:b5:bd:61:31:cb:5c:bb:
09:81:67:ca:f6:df:24:7f:c6:fe:b9:c5:06:fb:e6:
e0:3f:9a:6d:e2:4c:4c:21:8e:08:66:be:d8:c7:ea:
d2:16:a4:44:d3:08:02:97:0a:c9:02:9f:72:e0:4f:
f1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F2:F5:AC:40:6E:23:5D:9B:38:03:46:55:A9:15:61:C9:61:84:38
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YfL1rEBuI12bOANGVakVYclhhDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.99.0/24
45.149.235.0/24
83.143.113.0/24
85.208.139.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
193.168.199.0/24
Signature Algorithm: sha256WithRSAEncryption
70:d6:1a:c9:ae:65:24:cc:f7:f4:58:6c:0e:bc:02:d3:e8:62:
00:2b:31:9c:fc:89:36:80:2c:74:7f:be:bf:6b:67:34:2e:42:
26:35:bc:f4:85:24:fc:aa:99:73:80:55:fa:66:03:e2:5f:c8:
8e:36:2f:7c:d3:8a:4f:92:3a:f6:9e:76:76:ad:d3:70:7a:84:
94:f2:81:5b:9c:9e:cb:7f:bc:a5:df:c2:58:e2:38:b3:6a:65:
f1:aa:a4:be:18:cd:06:f6:7a:19:17:7b:c2:8d:f6:72:b3:f6:
d6:93:50:48:a5:34:b3:e8:12:f6:35:6e:80:05:5b:2e:96:d0:
c1:65:b7:33:f5:da:61:37:bc:ca:b4:45:f0:18:7d:87:2a:d7:
f0:ca:25:5c:c6:3d:35:9d:e5:2e:25:f3:a0:d3:67:24:19:26:
4e:d5:58:f1:66:11:ad:8b:8e:28:c5:48:f4:53:bf:0e:8a:03:
a6:f0:1b:44:6d:25:1f:06:75:77:e6:8a:65:a7:19:b5:d7:25:
21:8d:dc:3f:b6:24:0c:c4:81:44:07:93:81:9d:2a:0b:19:83:
66:f2:0d:7b:a3:94:bc:e2:1c:28:cb:0e:9c:bf:55:85:2b:aa:
ed:ae:d9:a6:ea:33:36:a6:25:d5:d3:e2:29:13:14:c4:5a:61:
73:96:15:06
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZLMnVsEkmpnIccY7raiKA6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI3MDYxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYyZjVhYzQwNmUyMzVkOWIzODAzNDY1NWE5MTU2MWM5NjE4NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLLmhOt9zSY+1TW6XoifqLXwFDnc
GJlDmOYGBDgoE4skArpCnQYU34IXF4fw5qMDERNsHwLv588VYVjXjePKp3WYsBn9
Yw9M4vT9h5NtYIdFjZGAh8zmjHyNK3igZ6xG6xS//aQOzZQNkHmsb9bS6vObx57O
jRHnKzVZhuEOYSiilvQclqi9deWckYtJTd20msPFnatqjUO1rLARZDTY28cfE+TC
sMg0lyiPMOQfNgeRQ6XpcTqTKXwjHu1TCOVOaBRDgU1WyDvH5bW9YTHLXLsJgWfK
9t8kf8b+ucUG++bgP5pt4kxMIY4IZr7Yx+rSFqRE0wgClwrJAp9y4E/xhwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGHy9axAbiNdmzgDRlWpFWHJYYQ4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWWZMMXJFQnVJMTJiT0FOR1Zha1ZZY2xoaERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAC2AYwMEAC2V6wME
AFOPcQMEAFXQiwMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wME
AFd43gMEAFd5LwMEAFd52AMEAF17HwMEAV59ZgMEAbnPDgMEALn8swMEAMEIuAME
AcEIugMEAsGUOAMEAMGoxzANBgkqhkiG9w0BAQsFAAOCAQEAcNYaya5lJMz39Fhs
DrwC0+hiACsxnPyJNoAsdH++v2tnNC5CJjW89IUk/KqZc4BV+mYD4l/IjjYvfNOK
T5I69p52dq3TcHqElPKBW5yey3+8pd/CWOI4s2pl8aqkvhjNBvZ6GRd7wo32crP2
1pNQSKU0s+gS9jVugAVbLpbQwWW3M/XaYTe8yrRF8Bh9hyrX8MolXMY9NZ3lLiXz
oNNnJBkmTtVY8WYRrYuOKMVI9FO/DooDpvAbRG0lHwZ1d+aKZacZtdclIY3cP7Yk
DMSBRAeTgZ0qCxmDZvINe6OUvOIcKMsOnL9VhSuq7a7ZpuozNqYl1dPiKRMUxFph
c5YVBg==
-----END CERTIFICATE-----
Generated at Tue Oct 29 09:23:25 2024 by rpki-client on console-ams.rpki-client.org